Posts tagged “security”

UX architect Chauncey Wilson shares a rather scary story about permissions gone missing.

In the 1980s, I worked for about 7 years at Digital Equipment Corporation (DEC) as a usability engineer. My group was led by John Whiteside, who pushed to make usability a serious discipline informed by metrics, fieldwork, and lab studies. The method of contextual inquiry was developed in our group by John, Karen Holtzblatt, Sandy Jones and Dennis Wixon. We did a lot of fieldwork to refine our methods and inform product teams about how to improve their products.

During my tenure at DEC, I set up a set of interviews with a major client who must still go unnamed. The client did military research and used some of our products. I got clearance to interview people at the site with the caveat that all videos, tapes, and notes would be surrendered when I left. I would analyze the data at their site and do a presentation about my findings, leave all data, and not discuss any details of my interviews. I got to the site early in the morning and signed in at the front desk. In those days, we had 8mm video cameras as our primary tool for field interviews. I had permission from the senior security chief to videotape the screens and record sound for 5 different users of our DEC products. I started setting up my equipment for the first interview and about the time I got to mounting the video camera on a tripod, three really large security guards with weapons blocked the exit to the office and asked me what I was doing (“I’m here doing some research for DEC”), then they grabbed my equipment and took me to a holding area and proceeded to interrogate me. I said that I had sought permission and had an agreement with the chief security officer – but that agreement was not to be found.

My name had been on the visitor list and the people I was interviewing vouched that I had set things up with them, but there was no clear approval for videotaping. I asked if they could contact their security chief, but he was on a vacation in the Virgin Islands. While they called and left messages for him, I spent a few hours in the holding area (you might call it a “cell”) concerned that I might go to prison. Though it took a while, they did catch up with the security chief and took me back to the cube where I had started my set-up and let me continue.

I spent a week at this site and noticed that the guards walked by and checked in on me a lot. Every night when I left during the week, they had me empty my pockets and remove every item from my briefcase. On Friday, I put together a report and presented to an audience of very serious people who asked no questions. I left all the data, submitted to my final contraband search and left the most bizarre field visit of my entire career.

The Ben & Jerry’s Ice Cream Pint Lock is a simple enough product – a locking mechanism for a standard pint of ice cream. But along with its functionality comes a measure of social performance that’s worth a brief closer look.

The idea is humorous (one side of the lock has the slogan “I’m terribly sorry, but there’s no ‘u’ in ‘my pint’”) – but in that humor is a gentle reminder to everyone that Ben & Jerry’s is precious stuff, worth protecting.

As far as security goes (the ice cream is in cardboard, after all), I’m reminded of what a research participant told me once. When walking around the perimeter of his fast-food franchise, he said “A lock only stops an honest person.” His point was that any security can be broken with some amount of force, and the role of the lock is to make it clear that you aren’t welcome. Social norms keep most of us from bypassing that lock. So while we might pop open the ice cream and take a spoonful or two of our coworker or roommate or partner’s Chunky Monkey, we’re probably not going to cut through the package and make it obvious. So while this lock won’t stop a ravenous freezer rodent, it will protect your ice cream from most of your regular dessert-craving cohabitants.

It’s great design in that it considers the functionality in its cultural context. If they built this by spec-sheet (as one might with a bike lock, say) they would miss the point entirely.

Anthropologist Greg Cabrera spent 17 months in Afghanistan as an embedded academic with the military, supporting social science research and analysis as part of the Human Terrain System. In this story, his best practices bring some unwanted attention.

In the summer of 2010, when I first arrived at Kandahar Air Field, Afghanistan, I was unsure about how I would fit into a military culture. Just being from California created a cognitive barrier for most of my military colleagues. Simply put, there were a lot of “don’t ask, don’t tell” jokes.

In any case, the first couple of weeks involved me playing catch up and learning everything I could about the assigned area and region. I took copious notes all the time to help jog my memory and capture information that would come in handy later on. My hope was to refer back to these notes and re-create the picture people were creating themselves based on scanty information.

In a war environment, you hear stories all the time and you never know what is real or not. The jargon further complicates the situation and makes it difficult for one to navigate people, places, and things, all of which tend to be obscured in military code.

One evening, I was hanging around the base waiting to link up with my liaison, Mike. He was facilitating an introduction to a detachment commander who I would work for over the next 12 months. Depending on how the meeting went, the commander would decide to bring me on board as a social scientist to work with him and his unit. I had tried to meet the commander earlier, but it was unclear where he was. His men told me he was busy in the port-a-john, but I think those guys were testing my wits. Long story short (and bathroom humor aside), we coordinated a meeting that night.

While I was hanging around the base waiting to link up with the commander, I noticed a large gathering of soldiers and civilians in an open area. In my curiosity, I wondered if there was something I needed to be in the know about. There were approximately 50 or so people gathering around a projector to watch a PowerPoint presentation projected on the side of a wall. I assumed the crowd was too large to accommodate on this small base where work areas were tight. Doing this outside made no sense because fighter jets flew overhead and were so loud it could cause permanent hearing damage. I thought to myself, “Well, since they are doing this presentation out in the open, the information can’t be that sensitive. Surely taking a few notes or jottings couldn’t hurt?”

This presentation took place right before I would be heading out into the field. As it started and I began writing things down, I started to feel more than a bit uneasy about what I was hearing. The gentleman started off by explaining that this fighting season was the bloodiest since 2007. A chart detailed the number of significant events (SIGACTS) and quantitative information about those killed in action, enemies killed in action, those wounded in action, improvised explosive devices found, indirect fire attacks, etcetera. Cough, ahem. I stopped myself at this point for a couple of reasons:

First, I did not want to walk around with this in my notebook in case I lost it and the enemy had eyes on this information. Second, I was sure this could come back and bite me somehow. I immediately became nervous because of what I already had written down. I started thinking to myself as well: I don’t really need to be here.

As I started moving back, my actions caught the attention of a very attentive Sergeant Major. Sergeant Majors feed off opportunities to explode and make examples of others to reinforce the nature of their authority and rank. A strange civilian was the perfect feeding opportunity. Indeed, when I caught a glance at others in this crowd, no one else was taking notes or writing down information. “I’m dead,” I thought to myself.

Before I knew it, this dude’s eyes were piercing through me and he pointed at me to stop moving as he came over to me. He yanked me out of the crowd, and started barking questions at me, hands on his hips and head leaning forward: “What are you doing?! What were you writing?! Who do you work for?!” Frozen, I muttered something to the effect of “Uh, I, I’m just an analyst.”

He took away my notebook and identification card and told me to follow him. The fact I did not have a security badge did not help my case and only contributed to the uneasy feeling sitting in the pit of my stomach.

He sat me down in the operations center near the legal officer. He pointed at me and explained to others that he had caught me taking notes. He assigned a soldier to guard me while he figured out how to handle the situation. As I sat on the couch with another soldier staring coldly at me, I gazed around the operations center. There was a white board with a funny quote about strippers, an empty office with a blow-up doll in it (oddly enough!), and some metallic signs on the walls demonstrating football fan territory.

These guys were pretty laid back, but I had broken the social contract and had no idea what the repercussions would be. At this point, I wished I had just stayed in my sleeping quarters. A phone call to my liaison Mike was my get-out-of-jail-free card. The Sergeant Major explained the situation to him and the JAG (legal) officer.

The JAG officer called me into his office and explained to me the nature of note-taking in a sensitive environment. Even though the presentation was out in the open, my act of taking notes classified my entire notebook. He handed the notebook back to me and I was on my way. I never saw the guy who detained me again. I wanted to simply get out, lick my wounds, and meet the commander who was waiting for me. The commander, who was not terribly impressed with my antics, laughed about my story. He decided to bring me on board on the spot despite my initial casting as a troublemaker. I like to think this gave me an edge or maybe he saw value in having me around to take notes (ironically) and provide insight into the strange cultural environment he was about to encounter.

I shook off the embarrassment, but it was a story that got a few laughs in my organization: “Human terrain guy detained for taking notes.” For me, it set the tone for the abrasiveness of military culture and reinforced my status as an outsider. I learned to be cautious about what I would capture in field notes and the sensitivity of collecting information in a war environment.

Chick Beer | America’s Beer for Women – Products that claim to be designed especially for women cloak themselves in empowerment and equality. Yet they easily ring false. Beyond issues of feminism, I see this as any type of design failure: not offering a specific understandable benefit that makes your promised experience tangible. In other words, why is this beer for “chicks?” Even if it was made by chicks, that’d be more than what they’re telling us here.

“We brew Chick at America’s second-oldest brewery, located in beautiful southern Wisconsin. With over 160 years of experience, we know how to brew great beer. For centuries, beer has been created, produced and marketed by and to men. At Chick, we think that it’s time for a new choice. Chick Beer celebrates women: independent, smart, fun-loving and self-assured women who love life and embrace all of the possibilities that it has to offer. Above all, we think that beer is supposed to be fun! So enjoy! Grab a cool Chick and Witness the Chickness!”

There are plenty of other languages that blur the lines between what we call blue and green. Many languages don’t distinguish between the two colors at all. In the Thai language, khiaw means green except if it refers to the sky or the sea, in which case it’s blue. The Korean word purueda could refer to either blue or green, and the same goes for the Chinese word qīng. It’s not just East Asian languages either; this is something you see across language families. I find this fascinating, because it highlights a powerful idea about how we might see the world. After all, what really is a color? Just like the crayons, we’re taking something that has no natural boundaries – the frequencies of visible light – and dividing it into convenient packages that we give a name.

If “Mystery Science Theater” was part insult comedy aimed at movies, there was also something congenial in the show’s tone. (Perhaps it was the puppet robots, or that it was all being produced in Minneapolis.) Six writers had to deliver a 90-minute episode every week, Mr. Hodgson said, with 600 to 800 riffs per movie, “when all the pistons were firing.” In devising the lines, no reference (Bella Abzug, Roy Lichtenstein) was too outré or rejected initially, Mr. Hodgson said. As he tried to convey to the students at Bucks, it’s best to brainstorm nonjudgmentally first and figure out what’s funny later.

The Science of ‘Gaydar’ [NYT] – Gaydar is provably real, and the framework used by these scientists describes a couple of different ways that we cognitively process what we see as faces.

It’s widely accepted in cognitive science that when viewing faces right side up, we process them in two different ways: we engage in featural face processing (registering individual facial features like an eye or lip) as well as configural face processing (registering spatial relationships among facial features, like the distance between the eyes or the facial width-to-height ratio). When we view faces upside down, however, we engage primarily in featural face processing; configural face processing is strongly disrupted. Thus our finding clarifies how people distinguish between gay and straight faces. Research by Professor Rule and his colleagues has implicated certain areas of the face (like the mouth area) in gaydar judgments. Our discovery – that accuracy was substantially greater for right side up faces than for upside-down faces – indicates that configural face processing contributes to gaydar accuracy. Specific facial features will not tell the whole story. Differences in spatial relationships among facial features matter, too.

The post-Iraq changes at the CIA also involve new analytic techniques, highlighted in a “tradecraft primer” in use at the agency since 2009. The manual is now used at the Sherman Kent School, the agency’s in-house training institute for new analysts. The manual opens with a section on the “mind-set” challenge. “If you’re only looking at [an issue] through one narrow view of the world, you’re not looking at the whole picture,” says John, who teaches at the Kent School. “Your biases will get you things like a confirmation bias: ‘I’ve seen it before, so it must be happening again.’ Or an anchoring bias: ‘We’ve come up with that conclusion, and I think it’s true, and it’s not going to change.’” One exercise now in use at the CIA is called “Analysis of Competing Hypotheses.” Analysts who may be inclined toward one explanation for some notable development are forced to consider alternative explanations and to tally up all the evidence that is inconsistent with their favored hypothesis. “You’re looking for the hypothesis with the least inconsistencies,” says John, who’s been at the CIA for 34 years. “We call it the Last Man Standing approach.” Such exercises are employed throughout the CIA’s Directorate of Intelligence. Each office now includes a “tradecraft cell,” staffed by specialists whose mission it is to make sure their colleagues are using all the latest analytic techniques and challenging their own judgments.
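The tally the excerpt describes (count the evidence inconsistent with each hypothesis, keep the one with the fewest inconsistencies) is mechanical enough to write down. The following is an added example, not the CIA primer’s own material and not from the article quoted above: a small Analysis of Competing Hypotheses scorer applied to a constructed incident-triage scenario (an unexplained configuration change on a server). The hypotheses, evidence items, ratings and credibility weights are all made up for illustration; the method is general and would work the same on any matrix of hypotheses against evidence.

```python
"""Analysis of Competing Hypotheses (ACH) tally.

Added example. The scenario below (an unexplained configuration change)
and every rating in it are constructed for illustration only.
"""
from dataclasses import dataclass

# How a piece of evidence relates to a hypothesis.
CONSISTENT = "C"
INCONSISTENT = "I"
NEUTRAL = "N"  # the evidence says nothing about this hypothesis


@dataclass
class Evidence:
    label: str
    ratings: dict          # hypothesis name -> CONSISTENT / INCONSISTENT / NEUTRAL
    credibility: float = 1.0  # 0..1, how much weight the source deserves


def inconsistency_scores(hypotheses, evidence):
    """Weighted count of inconsistent evidence per hypothesis.

    ACH tallies only inconsistencies: consistent evidence usually fits
    several hypotheses at once, so it is weak support, whereas a credible
    inconsistency is what actually eliminates a hypothesis.
    """
    scores = {h: 0.0 for h in hypotheses}
    for ev in evidence:
        for h in hypotheses:
            if ev.ratings.get(h, NEUTRAL) == INCONSISTENT:
                scores[h] += ev.credibility
    # Round so that sums of decimal weights compare cleanly.
    return {h: round(s, 6) for h, s in scores.items()}


def diagnosticity(hypotheses, evidence):
    """True for evidence that rates the hypotheses differently.

    Evidence that is equally consistent with every hypothesis cannot help
    choose between them, however compelling it feels; ACH flags it so the
    analyst does not lean on it.
    """
    result = {}
    for ev in evidence:
        distinct = {ev.ratings.get(h, NEUTRAL) for h in hypotheses}
        result[ev.label] = len(distinct) > 1
    return result


def rank_hypotheses(hypotheses, evidence):
    """Hypotheses from fewest to most inconsistencies ("last man standing" first)."""
    scores = inconsistency_scores(hypotheses, evidence)
    return sorted(scores.items(), key=lambda kv: kv[1])


# Constructed scenario: a config file on a server changed at 03:00.
HYPOTHESES = [
    "H1 scheduled job misfired",
    "H2 credential compromise",
    "H3 insider misuse",
]

EVIDENCE = [
    Evidence("E1 change at the job's usual 03:00 run time",
             {"H1 scheduled job misfired": CONSISTENT}),
    Evidence("E2 source IP is the job server, not a workstation",
             {"H1 scheduled job misfired": CONSISTENT,
              "H2 credential compromise": INCONSISTENT,
              "H3 insider misuse": INCONSISTENT}, credibility=0.9),
    Evidence("E3 account password appears in a public breach dump",
             {"H2 credential compromise": CONSISTENT}, credibility=0.6),
    Evidence("E4 job's own log records a clean run with no change",
             {"H1 scheduled job misfired": INCONSISTENT}, credibility=0.8),
    Evidence("E5 no other anomalies across the fleet",
             {h: CONSISTENT for h in HYPOTHESES}),
    Evidence("E6 only insider with access was on leave, badge unused",
             {"H3 insider misuse": INCONSISTENT}, credibility=0.7),
]


if __name__ == "__main__":
    for hypothesis, score in rank_hypotheses(HYPOTHESES, EVIDENCE):
        print(f"{score:4.1f}  {hypothesis}")
    for label, useful in diagnosticity(HYPOTHESES, EVIDENCE).items():
        print(("diagnostic    " if useful else "non-diagnostic") + "  " + label)
```

Two things the tally makes visible that a gut ranking does not: E5 (“nothing else looks wrong”) is flagged non-diagnostic because it fits all three stories equally, and H1 survives not because it has the most support but because the only evidence against it is a single log entry. That is the point of the “least inconsistencies” rule: the remaining hypothesis is the one nothing has ruled out yet, which is also where the next piece of evidence should be sought.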

When implementing any human-based system, the interests of the people operating the system often don’t precisely coincide with the interests of those designing it. This is the principal-agent problem, and it manifests itself in your profiling system as the TSA agent who thinks “If I wave this person through without checking out the anomaly and he turns out to be a terrorist, it’s my ass on the line.” Because the cost to the agent of a false positive is zero but the cost of missing a real attacker is his entire career, screeners will naturally tend towards ignoring the profile and instead fully checking everyone. And the screener’s supervisor is unlikely to tell him, “Hey you need to ignore the next old lady that beeps,” because if he’s wrong then it’s his ass on the line. The phenomenon is more general than security; discretionary systems tend to gravitate towards zero-tolerance systems because “following procedure” is a reasonable defense against being blamed for failure.

In the lower left of the matrix are core innovation initiatives – efforts to make incremental changes to existing products and incremental inroads into new markets. Whether in the form of new packaging or slight reformulations, such innovations draw on assets the company already has in place. At the opposite corner are transformational initiatives, designed to create new offers – if not whole new businesses – to serve new markets and customer needs. These sorts of innovations, also called breakthrough, disruptive, or game changing, generally require that the company call on unfamiliar assets and develop markets that aren’t yet mature. In the middle are adjacent innovations. An adjacent innovation involves leveraging something the company does well into a new space. Adjacent innovations allow a company to draw on existing capabilities but necessitate putting those capabilities to new uses. They require fresh, proprietary insight into customer needs, demand trends, market structure, competitive dynamics, technology trends, and other market variables.

Inspired by the passionate critiques I read at Authentical, here’s mine. Today, a horrific experience establishing an online account with a State of California website. Although creating a new account is almost an automatic activity at this point, I had to try 5 times to create both a username (which had to have letters and a number, and be between 8 and 12 characters) and a password (which had to have letters both capital and lowercase and a number, etc.) that would work. I’m not sure how that ended up being hard for me, but it did.

But the hysterical part was the security questions. This site required me to set up answers to four security questions. My use case for the security questions is for those situations where I can’t remember which particular configuration of password I used and I need to get a reminder or reset it. Isn’t that everyone’s case? So we need the reminders to be unambiguous. Fact-y type things like the standby Mother’s Maiden Name, or first pet’s name, etc. are pretty common. Obviously, if they are unambiguous, they can be broken. Somewhere someone can find out your first pet’s name. It won’t change. It’s objective.

These questions are much more personal and I suppose thus are less easily divined by an intruder. But the answers are far from immutable. I had absolutely no confidence I could come up with four questions that I would answer the same way 100% of the time. Even if I could fake out my future password-forgetting self by agreeing with him that I would say the Rolling Stones are my favorite band regardless of any wavering in my fandom, I couldn’t successfully negotiate the dialog. What was my dream job as a kid? Well, at one point it was stuntman, then actor, then writer, and I think even director (let’s leave the armchair shrink out of this for now, shall we?). If I put stuntman now, what will I remember when I forget my password?

The Four Questions

Taking those sets of questions away from the context of the registration process, I find them quite creepy, evoking some intimacy that doesn’t exist between me and the government website, or those Facebook memes cum virii where your friends exhort you to answer a random set of personal questions and then get other people to do the same.

[from julienorvaisas] A Badge That Tells Consumers, ‘Trust This App’ [NYTimes.com] – [Privacy concerns on the web have spawned a certification system. Does this really address the problem, curb the practice, or provide enough assurance/information to consumers? Or is it really more just a band-aid for providers to feel like they're doing enough to address mounting consumer concerns?] The certification process is a little bit different for mobile sites, said Chris Babel, chief executive of TRUSTe. People are worried about sites and apps using information that identifies them, like name, address and birth date. They also worry about geolocation services, whether Web companies can track where they are and whether they share that information with others, he said. And because many apps pull information from the phone, like calendar entries, people do not know exactly what information apps can access. “When it’s sitting on your mobile device, which has your contacts and calendar, what is it accessing? What’s it doing?” Mr. Babel said he hears customers ask.

[from steve_portigal] On the Road – Complaints of Poor Attitude in Airport Body Scans [NYTimes.com] – [Why does a change in process and design generate such a dramatic change in behavior?] By far, most readers wrote to complain about screeners who were rude. Helaine Fendelman said she felt as if she were in a cage as a screener “yelled at me about why I wasn’t paying attention to those who had proceeded me” through the machine. Elizabeth Wiley wrote of the “generally bullying air of the experience.” Melissa Hickey said a screener “barked orders at me as if I were a common criminal.” Bob Michelet agreed with my view that being ordered around was a “boot camp-like experience,” as he put it. Mary P. Koss said she didn’t like being “yelled at” after a screener decided her fingers were not forming a triangle as instructed while she held her hands over her head. “When I exited the machine, I was yelled at again to stand in place,” she said.

[from steve_portigal] Starbucks "Olive Way" test store aggregates Starbucks concepts [The Associated Press] – [While I applaud Starbucks for focusing on the quality of their core product – the coffee – I'm not sure that their secondary product – the experience – will benefit from closeness to the baristas. They need to makeover the staff brand before customers will seek them out] What succeeds at Olive Way will most likely be spread to other Starbucks stores around the country. With muted, earthy colors, an indoor-outdoor fireplace, cushy chairs, and a menu with wine from the Pacific Northwest's vineyards and beer from local craft brewers, this 2,500-square-foot shop in the Capitol Hill neighborhood will reopen in the fall with espresso machines in the middle. The machines at Olive Way will be part of what executives call a coffee theater. Counters will be narrower — as slim as a foot in some places — to bring customers closer to baristas; the machines will brew one cup at a time to extract deeper flavor from beans. The store will be the chain's only location that sells beer and wine in the U.S.

April 2009 – Iraqis Snap Up Hummers as Icons of Power – “Iraqis love them because they’re really a symbol of power,” said Mr. Hilli, a chubby 37-year-old who could not stop chuckling. Nonetheless, he spoke with authority, since he was his own first customer. Hummers in Baghdad are symbols of much more besides: increasing security, returning normality and a yearning for the trappings of sovereignty. Mr. Hilli allowed that there was something else, too, a little more indefinable, which in Arabic is “hasad thukuri,” [penis envy]

April 2003 – Americans induce patriotism through Hummer purchase – "When I turn on the TV, I see wall-to-wall Humvees, and I'm proud," said Sam Bernstein, a 51-year-old antiquities dealer who lives in Marin County, Calif., and drives a Hummer H2, an S.U.V. sibling of the military Humvee. "They're not out there in Audi A4's," he said of the troops. "I'm proud of my country, and I'm proud to be driving a product that is making a significant contribution."

Getting off the freeway in Gardena, on the way to our appointment, I passed by this place:

Guard dog rental? Amazing heroic mural? I had to stop and take a picture. I did a few U-turns, stuck my camera out the window, took some shots (even from across the street I could hear that kennel sound of a million dogs barking), and headed the last mile to my appointment. Parked in front of our participant’s building and getting our gear ready, I was surprised when a Hummer pulled up beside us. The window rolled down and the uniformed driver, presumably the guy in the mural, said to me “You were taking pictures of my building?”

I really was confused; it was already a few minutes ago and a mile away; I was on to the next thing and it took about 15 seconds to realize that i) he had seen me across the street taking pictures and ii) he had got into his vehicle and followed me for a mile to check into it. Once I realized that he was not asking about the building I was currently standing in front of, but something from a few minutes ago, I explained that he had a beautiful mural. And this was a perfectly satisfactory answer. He told me that some of his puppies had been taken, and then introduced himself and gave me his business card. We wished each other a good day, and he drove off.

I thought about what had just transpired and how it could have been so different. There was nothing threatening about this man or his manner, just his context (a large and physically present individual who runs a security firm in a Hummer); given that he embodied a potential threat, he gave off a pleasing calmness, with no undertone of intimidation. I was not scared or uncomfortable; but I realized very quickly that the scenario was one where those feelings would be typical, and I attribute this guy’s serious coolness for keeping it that way.

Advertising in context – HBO is putting audio-enabled billboards in NY and LA to promote the season premier of "Big Love." I liked this localization detail: "HBO representatives at the sites will answer questions and, in Los Angeles, offer disposable headphones. The company assumed that New York commuters would bring their own."

Curious study on persuasion in cautioning teens about their online profiles – "Many teenagers cleaned up their MySpace profiles, deleting mentions of sex and booze and boosting privacy settings, if they got a single cautionary e-mail from a busybody named "Dr. Meg." The e-mail was sent by Dr. Megan Moreno, lead researcher of a study of lower-income kids that she says shows how parents and other adults can encourage safer Internet use."

…a black diamond line for expert travelers, defined as those who fly more than twice a month and are skilled at security procedures, always ready with items removed; a blue square for casual travelers, who are familiar with the screening process; and a green circle for families and those needing assistance or more time.

I think this is an exciting idea, although it doesn’t appear to be working perfectly. It seems that people are overestimating their own expert-ness (or perhaps fudging their self-analysis in favor of a perceived “express line”) although families feel relief from the pressure of other travelers.

This seems like a classic web design problem, with different types of users (who have very different abilities, needs, and expectations) coming in the same front door. And when there’s a choice, people will obviously act in their own perceived self-interest.

I think separating “normal” from “expert” is going to be a tough thing to figure out in any situation; unless “expert” carries with it an intimidation factor, I suspect most people will escalate their capability. Otherwise “normal” starts shifting to “stupid.”

Again, an interesting approach to a problem, and as with most prototyping efforts, lots of learning about how the proposed solution is and isn’t working, yet.

Thousands of visa applications and other sensitive documents, including paperwork submitted by top executives and political figures, sat for more than a month in the open yard of a San Francisco recycling center after they were dumped there by the city’s Indian Consulate.

The documents, which security experts say represented a potential treasure trove for identity thieves or terrorists, finally were hauled away Wednesday after The Chronicle inspected the site and questioned officials at the consulate and the recycling facility.

The article goes on to detail what data about what types of people they found in their examination of the site and the expected quotes from security experts about what type of risk this creates.

Having gone through the visa application process ourselves for our trip to India last January, it’s a little disturbing to read that

a sampling of documents obtained by The Chronicle indicate that the boxes contained confidential paperwork for virtually everyone in California and other Western states who applied for visas to travel to India between 2002 and 2005.

But I was sadly amused by the response from the consulate

Consul General Prakash said there may be a cultural dimension to the level of outrage related to the incident among Western visa applicants.

“In India, I would not be alarmed,” he said. “We have grown up giving such information in many, many places. We would not be so worried if someone had our passport number.”

Deputy Consul General Sircar said that in other countries, Indian officials are able to go to the roofs of their offices and burn documents they’re no longer able to store.

“In America, you cannot do that,” he said.

You can just hear the bristling bureaucratic response, colored with that cliched “no-problem”!